Apple guideline 5.2 and Google Play's Intellectual Property policy treat IP violations as grounds for immediate removal — not just rejection. Fonts downloaded from DaFont are frequently personal-use only; stock photos from Freepik often require a paid commercial license; sports team logos and entertainment character art almost always require a specific licensing agreement. Beyond store policy, bundling unlicensed commercial assets is a legal liability: the SPDX license compliance framework exists precisely because IP owners actively monitor app stores and issue takedowns. An app can ship, rank, and accumulate users, then be removed and sued without warning.
High because IP violations trigger retroactive removal after approval, not just rejection, and create legal liability independent of the store enforcement action.
Audit every file in assets/, ios/*/Images.xcassets/, android/*/res/drawable*/, and assets/fonts/ and confirm each has a license explicitly covering commercial app embedding.
Safe font sources:
assets/fonts/InterVariable.ttf sourced from rsms.me/inter (OFL)
Safe image sources: Unsplash (free with attribution), Pexels (free), or licensed stock with a commercial application license.
# Check for DaFont or suspicious font sources in commit history
git log --all --full-history -- "assets/fonts/*"
For social login brand marks (Apple, Google, Facebook), use only the official brand-approved assets in the approved sizes and colors — each provider publishes a brand guidelines document with downloadable compliant assets.
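One way to run the directory audit described above, as an added example that is not part of the original check: it walks the bundle locations the check names and reports every media file without an acceptable license record. The manifest file ASSET-LICENSES.csv (columns path,license,source), the license labels in ALLOWED and the extension list are assumptions made for this sketch.

```python
import csv
import fnmatch
import os

# Bundle locations named in the audit text (fnmatch's * also crosses "/").
ASSET_GLOBS = ["assets/*", "ios/*/Images.xcassets/*", "android/*/res/drawable*/*"]
MEDIA_EXT = {".png", ".jpg", ".jpeg", ".webp", ".svg", ".ttf", ".otf", ".mp3", ".wav", ".m4a"}
# Assumed manifest labels mirroring the pass criteria; "Commercial" = paid license on file.
ALLOWED = {"Original", "OFL", "MIT", "CC0", "Unsplash", "Pexels", "Commercial"}
# Sources the audit text singles out as often personal-use or paid-license only.
REVIEW_SOURCES = ("dafont.com", "freepik.com")

def bundled_assets(root):
    """Return repo-relative paths of media files under the audited directories."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
            is_media = os.path.splitext(name)[1].lower() in MEDIA_EXT
            if is_media and any(fnmatch.fnmatch(rel, g) for g in ASSET_GLOBS):
                found.append(rel)
    return sorted(found)

def load_manifest(path):
    """Read the hypothetical ASSET-LICENSES.csv (columns: path,license,source)."""
    if not os.path.exists(path):
        return {}
    with open(path, newline="", encoding="utf-8") as fh:
        return {row["path"]: row for row in csv.DictReader(fh)}

def audit(root, manifest_name="ASSET-LICENSES.csv"):
    """Return (path, reason) for every asset lacking an acceptable license record."""
    manifest = load_manifest(os.path.join(root, manifest_name))
    findings = []
    for rel in bundled_assets(root):
        row = manifest.get(rel)
        source = ((row or {}).get("source") or "").lower()
        if row is None:
            findings.append((rel, "no license recorded"))
        elif row["license"] not in ALLOWED:
            findings.append((rel, "license not accepted: " + row["license"]))
        elif row["license"] != "Commercial" and any(s in source for s in REVIEW_SOURCES):
            findings.append((rel, "verify commercial license for source: " + source))
    return findings

if __name__ == "__main__":
    for path, reason in audit("."):
        print(f"FAIL {path}: {reason}")
```

Run it from the repository root; an empty result means every bundled asset has a recorded license, which still has to be verified against the actual license text.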
ID: app-store-policy-compliance.app-quality.ip-rights
Severity: high
What to look for: Count all relevant instances and enumerate each. Examine the assets bundled with the app:
(1) Images — Check assets/, ios/[AppName]/Images.xcassets/, android/app/src/main/res/drawable*/, Flutter assets/images/ for image files. Look for recognizable brand logos, character artwork (game characters, movie characters, sports team logos), or stock photography that may not be licensed for commercial use. Search for unsplash.com URLs or freepik.com URLs in source comments — Unsplash photos require attribution; many Freepik assets require a paid license for commercial use.
(2) Fonts — Check assets/fonts/, app.json expo.fonts, Swift UIFont(name:) calls, Flutter TextTheme customizations for custom fonts loaded from the bundle. Verify that any custom font is either OFL (SIL Open Font License), MIT, or commercially licensed. Common trap: fonts downloaded from DaFont.com are often free for personal use only.
(3) Music and Audio — Check assets/sounds/, assets/audio/, Flutter assets/ for audio files. Commercial music requires a sync license for app use even if only used as background music.
(4) Trademarks — Search all source files and metadata for third-party brand names or logos used as UI elements (e.g., "Powered by Stripe" badge without Stripe's brand guidelines, a social login button using Facebook's f logo in a non-compliant color). Apple and Google both require that apps not use third-party intellectual property without authorization.
Pass criteria: All images are either original, licensed for commercial app use (with verifiable license), or are from free-for-commercial-use sources (CC0, Unsplash with attribution where required). At least 1 implementation must be verified. All fonts are under OFL, MIT, or a commercial license. No commercial music is bundled. Third-party brand logos used for social login follow the brand's official guidelines.
Fail criteria: Bundled images appear to be copyrighted brand logos, character art, or sports logos used without obvious authorization; custom fonts are from personal-use-only sources; commercial music is bundled; third-party brand logos are displayed in non-compliant sizes, colors, or contexts.
Skip (N/A) when: App bundles no custom images, fonts, audio, or third-party brand assets — all UI uses only system fonts, system icons, and no bundled media.
Detail on fail: "Font 'MyCoolFont.ttf' in assets/fonts/ appears to be from DaFont.com — many DaFont fonts are personal-use only" or "assets/images/team-logo.png appears to contain an NFL team logo — commercial use requires a license from the NFL"
Remediation: IP violations can result in app removal, not just rejection. They are also a legal liability.
Review the configuration in the src/ or app/ directory for implementation patterns.
Cross-reference: For related patterns and deeper analysis, see the corresponding checks in other AuditBuffet audits covering this domain.